Skip to content

Commit Gemfile.lock for reproducible tests #3265

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Commit Gemfile.lock for reproducible tests #3265

wants to merge 1 commit into from

Conversation

@kpumuk
Copy link
Contributor

@kpumuk kpumuk commented Dec 1, 2025
edited
Loading

Addressed a syntax error in the thrift.gemspec, and committed Gemfile.lock files for both the gem and tests. Gems source switched to https://rubygems.org (from http://).

This is a strongly recommended approach according to the Bundler team:

As a result, you SHOULD check your Gemfile.lock into version control, in both applications and gems. If you do not, every machine that checks out your repository (including your production server) will resolve all dependencies again, which will result in different versions of third-party code being used if any of the gems in the Gemfile(5) or any of their dependencies have been updated.
https://bundler.io/man/bundle-install.1.html#THE-GEMFILE-LOCK

Also helps with Dependabot, which will be able to bump the lock file, while we can relax version requirements in the gemspec.

  • Did you create an Apache Jira ticket? (Request account here, not required for trivial changes)
  • If a ticket exists: Does your pull request title follow the pattern "THRIFT-NNNN: describe my issue"?
  • Did you squash your changes to a single commit? (not required, but preferred)
  • Did you do your best to avoid breaking changes? If one was needed, did you label the Jira ticket with "Breaking-Change"?
  • If your change does not involve any code, include [skip ci] anywhere in the commit message to free up build resources.

@kpumuk kpumuk marked this pull request as draft December 1, 2025 22:18
@kpumuk kpumuk marked this pull request as ready for review December 1, 2025 22:37
@kpumuk kpumuk force-pushed the gemfile-lock branch 2 times, most recently from b9393c4 to f846c4f Compare December 1, 2025 23:26
@kpumuk
Commit Gemfile.lock for reproducible tests
aed50f2 
Addressed a syntax error in the thrift.gemspec, and committed
Gemfile.lock files for both the gem and tests. Gems source switched
to https://rubygems.org.

This is a strongly recommended approach according to the Bundler team:

> As a result, you SHOULD check your Gemfile.lock into version control,
> in both applications and gems. If you do not, every machine that
> checks out your repository (including your production server) will
> resolve all dependencies again, which will result in different
> versions of third-party code being used if any of the gems in the
> Gemfile(5) or any of their dependencies have been updated.
https://bundler.io/man/bundle-install.1.html#THE-GEMFILE-LOCK

Also helps with Dependabot, which will be able to bump the lock file,
while we can relax version requirements in the gemspec.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@kpumuk